michaelschiemer/deployment/README.md
Michael Schiemer 16d586ecdf chore: Update deployment configuration and documentation
- Update Gitea configuration (remove DEFAULT_ACTIONS_URL)
- Fix deployment documentation
- Update Ansible playbooks
- Clean up deprecated files
- Add new deployment scripts and templates
2025-10-31 21:11:11 +01:00


# Pragmatic Production Deployment Setup
## Architecture Overview
This deployment setup uses separate Docker Compose stacks for better maintainability and clear separation of concerns.
### Infrastructure Components
```
Production Server (94.16.110.151)
├── Stack 1: Traefik (Reverse Proxy & SSL)
├── Stack 2: Gitea (Git Server + MySQL + Redis)
├── Stack 3: Docker Registry (Private Registry)
├── Stack 4: Application (PHP + Nginx + Redis + Queue Workers)
├── Stack 5: PostgreSQL (Database)
└── Stack 6: Monitoring (Portainer + Grafana + Prometheus)
Development Machine
└── Gitea Actions Runner (local, Docker-in-Docker)
```
## Deployment Flow
```
Developer → git push
     ↓
Gitea (Production)
     ↓
Gitea Actions (Dev Machine)
     ↓
Build Docker Image
     ↓
Push to Private Registry
     ↓
SSH/Ansible → Production Server
     ↓
docker compose pull
     ↓
docker compose up -d
```
## Directory Structure
```
deployment/
├── stacks/ # Docker Compose stacks
│ ├── traefik/ # Reverse proxy with SSL
│ ├── gitea/ # Git server
│ ├── registry/ # Private Docker registry
│ ├── application/ # Main PHP application
│ ├── postgres/ # Database
│ └── monitoring/ # Portainer + Grafana + Prometheus
├── ansible/ # Automation playbooks
│ ├── playbooks/ # Deployment automation
│ ├── inventory/ # Server inventory
│ └── secrets/ # Ansible Vault secrets
└── docs/ # Deployment documentation
```
## Getting Started
### 🚀 Quick Start: Deploying Code
**Simplest method:**
```bash
git add .
git commit -m "feat: Add new feature"
git push origin main # → Automatic deployment!
```
**Pipeline status:** `https://git.michaelschiemer.de/michael/michaelschiemer/actions`
**📖 Full guide:** See [QUICK_START.md](QUICK_START.md) or [CODE_CHANGE_WORKFLOW.md](CODE_CHANGE_WORKFLOW.md)
---
### Initial Setup (first-time setup only)
**Prerequisites:**
**Production Server:**
- Docker & Docker Compose installed
- Firewall configured (ports 80, 443, 2222)
- User `deploy` with Docker permissions
- SSH access configured
**Development Machine:**
- Docker & Docker Compose installed
- Ansible installed
- SSH key configured for production server
**Deployment via Ansible:**
```bash
cd deployment/ansible
ansible-playbook -i inventory/production.yml playbooks/setup-infrastructure.yml
```
This playbook deploys all stacks:
- Traefik (Reverse Proxy & SSL)
- PostgreSQL (Database)
- Docker Registry (Private Registry)
- Gitea (Git Server)
- Monitoring (Portainer, Grafana, Prometheus)
- **Application Stack** (PHP Application + Nginx + Redis + Queue Workers)
**📖 Full setup guide:** See [SETUP-GUIDE.md](SETUP-GUIDE.md)
## Stack Documentation
Each stack has its own README with detailed configuration:
- [Traefik](stacks/traefik/README.md) - Reverse proxy setup
- [Gitea](stacks/gitea/README.md) - Git server configuration
- [Registry](stacks/registry/README.md) - Private registry setup
- [Application](stacks/application/README.md) - Application deployment
- [PostgreSQL](stacks/postgres/README.md) - Database configuration
- [Monitoring](stacks/monitoring/README.md) - Monitoring stack
## Deployment Commands
### Deploy Code (image-based)
```bash
cd deployment/ansible
ansible-playbook -i inventory/production.yml \
playbooks/deploy-update.yml \
-e "image_tag=abc1234-1696234567"
```
### Sync Code (Git-based)
```bash
cd deployment/ansible
ansible-playbook -i inventory/production.yml \
playbooks/sync-code.yml \
-e "git_branch=main"
```
### Roll Back to the Previous Version
```bash
cd deployment/ansible
ansible-playbook -i inventory/production.yml \
playbooks/rollback.yml
```
**📖 Full command reference:** See [DEPLOYMENT_COMMANDS.md](DEPLOYMENT_COMMANDS.md)
### Update Specific Stack
```bash
cd stacks/<stack-name>
docker compose pull
docker compose up -d
```
## CI/CD Pipeline
The CI/CD pipeline is defined in `.gitea/workflows/production-deploy.yml` and runs automatically on push to the `main` branch.
### Quick Start: Deploy Code Changes
```bash
# 1. Make changes locally
# ... edit files ...
# 2. Commit changes
git add .
git commit -m "feat: Add new feature"
# 3. Push to main → Automatic deployment starts
git push origin main
```
**What happens automatically:**
- ✅ Tests run (~2-5 min)
- ✅ Docker image is built (~3-5 min)
- ✅ Image is pushed to registry (~1-2 min)
- ✅ Ansible deployment runs (~2-4 min)
- ✅ Application stack is updated
**Total time:** ~8-15 minutes
**Status check:**
- Pipeline status: `https://git.michaelschiemer.de/michael/michaelschiemer/actions`
- Application status: `ssh deploy@94.16.110.151 "cd ~/deployment/stacks/application && docker compose ps"`
**📖 Full documentation:**
- **[QUICK_START.md](QUICK_START.md)** ⭐ - Quick-start guide for deployment
- **[CODE_CHANGE_WORKFLOW.md](CODE_CHANGE_WORKFLOW.md)** - Complete guide for code changes
- **[APPLICATION_STACK_DEPLOYMENT.md](APPLICATION_STACK_DEPLOYMENT.md)** - Detailed deployment procedure
- **[CI_CD_STATUS.md](CI_CD_STATUS.md)** - CI/CD pipeline status & checklist
- **[DEPLOYMENT_SUMMARY.md](DEPLOYMENT_SUMMARY.md)** - Project status overview
### Pipeline Details
The CI/CD pipeline runs on push to the `main` branch:
1. **Build Stage**: Build Docker image
2. **Push Stage**: Push to private registry
3. **Deploy Stage**: Deploy to production via Ansible
## Monitoring
Access monitoring tools:
- **Portainer**: https://portainer.yourdomain.com
- **Grafana**: https://grafana.yourdomain.com
- **Prometheus**: https://prometheus.yourdomain.com
## Backup & Recovery
### Automated Backups
- **PostgreSQL**: Daily backups with 7-day retention
- **Gitea Data**: Weekly backups
- **Registry Images**: On-demand backups
### Manual Backup
```bash
ansible-playbook -i inventory/production.yml playbooks/backup.yml
```
### Restore from Backup
```bash
ansible-playbook -i inventory/production.yml playbooks/restore.yml
```
## Security
- All external services behind Traefik with HTTPS
- Private registry with BasicAuth
- Secrets managed via Ansible Vault
- Regular security updates via Watchtower
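
The Ansible Vault item above only holds if every file under `deployment/ansible/secrets/` is actually encrypted before it is committed. The following check is an added example, not part of this repository; it assumes whole-file encryption with `ansible-vault encrypt` and treats `.gitkeep` and `*.example` files as intentionally plaintext (both assumptions).

```bash
#!/usr/bin/env bash
# Added example (not part of this repository): flag files in the Ansible
# secrets directory that are not vault-encrypted.
# Assumptions: secrets are whole files encrypted with `ansible-vault encrypt`
# (inline `!vault` values are not checked); `.gitkeep` and `*.example` files
# are intentionally plaintext; file names contain no newlines.

# Print each regular file under $1 whose first line is not a vault header
# such as "$ANSIBLE_VAULT;1.1;AES256".
find_plaintext_secrets() {
    [ -d "$1" ] || return 0   # no secrets directory: nothing to report
    find "$1" -type f ! -name '.gitkeep' ! -name '*.example' | sort |
    while IFS= read -r secret_file; do
        if ! head -n 1 "$secret_file" |
             grep -q '^\$ANSIBLE_VAULT;[0-9.]*;AES256'; then
            printf '%s\n' "$secret_file"
        fi
    done
}

# Return 1 and list the offenders on stderr if any plaintext file exists.
check_secrets_dir() {
    offenders=$(find_plaintext_secrets "$1")
    if [ -n "$offenders" ]; then
        printf 'Not vault-encrypted:\n%s\n' "$offenders" >&2
        return 1
    fi
    return 0
}

# Default path follows the directory structure shown in this README.
check_secrets_dir "${1:-deployment/ansible/secrets}"
```

Run it from the repository root as a pre-commit hook or as an early CI step; a non-zero exit status blocks the commit or job.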
## Troubleshooting
### Check Stack Health
```bash
cd stacks/<stack-name>
docker compose ps
docker compose logs -f
```
### Check Service Connectivity
```bash
curl -I https://app.yourdomain.com
docker network inspect traefik-public
```
### View Logs
```bash
# Application logs
docker compose -f stacks/application/docker-compose.yml logs -f app-php
# Traefik logs
docker compose -f stacks/traefik/docker-compose.yml logs -f
```
## 📚 Documentation Index
**Full documentation overview:** See [DOCUMENTATION_INDEX.md](DOCUMENTATION_INDEX.md)
**Key documents:**
- **[QUICK_START.md](QUICK_START.md)** ⭐ - Quick start
- **[CODE_CHANGE_WORKFLOW.md](CODE_CHANGE_WORKFLOW.md)** - Deploying code
- **[APPLICATION_STACK_DEPLOYMENT.md](APPLICATION_STACK_DEPLOYMENT.md)** - Deployment details
- **[CI_CD_STATUS.md](CI_CD_STATUS.md)** - CI/CD status
- **[DEPLOYMENT_SUMMARY.md](DEPLOYMENT_SUMMARY.md)** - Project overview
## Support
For issues and questions, see:
- [Troubleshooting Guide](docs/troubleshooting.md)
- [Workflow Troubleshooting](WORKFLOW-TROUBLESHOOTING.md)
- [CI/CD Status](CI_CD_STATUS.md) - includes a troubleshooting section
## Migration from Docker Swarm
See [Migration Guide](docs/migration-from-swarm.md) for detailed instructions on migrating from the old Docker Swarm setup.
## License
This deployment configuration is part of the Custom PHP Framework project.